This is a place for me to ruminate about Privacy. Since I work as Google's Global Privacy Counsel, I need to point out that these ruminations are mine, not Google's. Please don't attribute them to Google.

Monday, June 21, 2010

I'm back from another few days in Berlin. As usual, I met some political leaders to talk about privacy. I also took a personal side trip to visit the villa where the Wannsee Conference took place in 1942 (the infamous "final solution" conference). The German privacy debate, which I think is the most intense in the world, simply makes no sense to my ears without the backdrop of Germany's two totalitarian traumas in living memory. Privacy is always a cultural concept, and it varies from country to country, based on history and self-perception. Hardly any country, thank heaven, has Germany's history.

Even so, it was a bit of a surprise when I heard a political leader tell me clearly: "in Germany, we want innovation, but we want you to ask for permission first". Innovation and permission. In fact, I wonder if they're oxymoron. I think of innovation as serendipitous, almost the opposite of bureaucratic/political process. But in a nutshell, there it was. I sensed the frustration of politicians and regulators who want (or feel the responsibility) to regulate the profoundly disruptive phenomenon of Internet innovation, but feel dis-empowered to do so. It's hard indeed to control a phenomenon like innovation on the Internet, especially if it happens outside your borders. You can't grab the Internet by the ears and shake it, but you can grab one guy, or one company, and shake them as hard.

Innovation requires you to take risks, to try new things, to accept failure, to iterate and to move on. They all depend on a culture that accepts novelty and failures as a necessary learning step on the way to success. "Launch and iterate" has become the innovation model for the Internet. Some people and countries are more comfortable with that than others, perhaps for very valid historical and cultural reasons. As one Berliner told me: "of course Americans think differently about privacy...so would we if we had had two centuries of stable democracy."

At the Wannsee Conference villa, the Nazi officials spent a lot of time discussing how to deal with "mixed race people", categorizing each permutation of people like me with one Jewish grand-parent into a box. I saw the memo that clarified how I would have been classified as a "second-degree mongrel", with a full catalog of the legal "rights" to which I was entitled. I think of my dad, "a first-degree mongrel", who amazingly lived in Berlin throughout those years. I have lots of pictures of him as a little boy, in the early 1930's, heading off for his first day in school, petting a tiger cub in the Berlin zoo, with his dog. But then nothing, not a single picture, no record at all, for the next decade.

There's a lot of debate about the potential evils that the Internet might enable in the future, as vast amounts of data are retained and publicly available. Those issues are serious, indeed, and I can't get my head around them. Many of the people who argue most passionately about the need for a "right to be forgotten" on the Internet are thinking about these potential evils. But at the same time, so much information also has a disinfectant quality for people who believe in free speech and transparency. There are no records that I can find of that missing decade of my dad's life. In many ways, I'm more a supporter of a "right not to be forgotten" than the opposite.

I doubt the horrors of Wannsee would have been possible in the age of the Internet. Imagine Anne Frank writing a daily blog. Or the Wannsee Conference proceedings leaked onto YouTube. Or maybe I have it all wrong, and the future will cook up evils using the same technologies that seem so benign to me now. I walk around Berlin shaking my head in incredulity, no matter how often I've been. I can understand the intense urge there to forget. Surely, that influences the concept of "privacy" too.